Licences for software products (such as programs, audio files, video files, etc.) are commonly restricted to use of a single instance of the software product. That is, the licensed product cannot be used legitimately by more than one user, or, more precisely, on more than one user device (such as a PC, DVD player, etc.), at the same time. The standard approach to enforcing such limited-use licences is to bind the licence to a specific user device. This can be done by encoding a unique device identifier, such as a processor id, the id of a security chip, or a combination of certain configuration details, into the licence, and ensuring that the user device has the correct device identifier before the licensed software is run. For example, a usage program such as a media player may check that it is running on a device with the correct identifier before running a licensed audio or video file.
Binding a software licence to a specific user device has the drawback that if the device fails the licence cannot be exercised anymore. That is, this approach does not ensure availability of the licence to the user. This availability problem is currently addressed in one of two ways, both of which present new problems which make them undesirable for most applications. The first approach is to bind the licence to more than one user device at the outset, so that, if a current device fails, the licence can still be exercised by another device. However, technically nothing then prevents the user from exercising the licence on all of the devices concurrently, thus violating the licence. Moreover, not all users will have more than one device available for this purpose at the time the licence is acquired. The second approach is to entitle the user to a new licence for a new device if he can prove that the old device has failed, or that the identity of the old device has changed. This typically involves the user submitting the old device to the licensor for inspection purposes. Not only does this approach involve considerable inconvenience to the user, but it creates a significant privacy problem in that information about the user, and potentially data stored on the user device, is made accessible to the licensor.
A different type of licensing scheme in which software licences can be exercised on more than one user device is that of “floating licences”. Here, licences are bound to a certain group of users (e.g. of a company), and the scheme provides that, at any time, up to a specified plurality of licences for a software product can be actively used. The specified limit on the number of concurrently-used licences is typically controlled by a central licensing server for the user group. To run the software product, a user device contacts the licensing server and asks for a temporary licence which it receives if one is available (i.e. if less than the limiting number of licences are currently in use). The licence is then typically returned to the licensing server on termination of use. The licences are temporary in that there is a certain validity time, or use period, associated with a licence. Thus limited off-line use is allowed, but when the use period expires a new licence must be acquired to continue running the software product. While this scheme provides for transferability of licences between different user devices, it is designed for controlling multiple-instance use of a software product within a trusted environment such as a company network. It does not address the issues, touched on above, presented by licences for single-instance use in a more general environment.